Skip to main content

v7.6

 

Knocknoc 7.5  πŸš€6

Enhancements
  • KnocknocNew 7.5User UI: marksAfter alogging major milestone in our journey to redefine secure network access. This release is a comprehensive redesign of the user experience, delivering a streamlined, intuitive interface that empowers both administrators andin, end users withare greaternow control and clarity β€” without compromising on power.

    But Knocknoc 7.5 isn’t just a facelift β€” it’s a massive uplift in features, performance, and security.

    ✨ New UI & Streamlined Workflow

    • Redesigned interfacepresented with a responsive,UI intuitivethat layout

      can be organized and favorited, with recently-used entries now grouped automatically for easier return use. To ease change-control, existing installs will have this turned off by default, which can be controlled within Settings as an Admin user. This is the default for all new installs, and can be turned off in the same Admin Settings location. 
    • Knoc

      Cleanerimages workflows(new makeuser complexui): tasksKnoc simplerconfigurations andcan faster

      be grouped by Administrators, with a logo added for differentiation. 
    • β€œLight mode: A "light mode" version now exists for Users. The default follows the system-preferences, but can be overwritten by choice the menu. A "light mode" logo can be uploaded by Administrators, until this these are provided a dark background is added to existing images.
    • Agent registration: Agents can be registered using a shared API key, instead of a per-agent token. This aids in IaC/CD pipeline deployments.
    • Direct user assignment: Users can be directly assigned Knocs, whereas previously Groups were required.
    • Knocs/Backends: Cisco Firepower added. Panos now updates "user-ID" values on Passive+ and Active settings. Simpler Panos apikey creation using Knocker.
    • Audit logs: Better detail in audit-logs shown to Admin users. Improved KnocEvent detail in error cases.
    Bug fixes
    • Click to revokeRevoke”: All Knoc's/ACLs can now availablebe alongside β€œclick to grant”revoked.
    • ImprovedServer visibilitylogs: intoServer admin,log userredactions were overly zealous and systembroke activitycorrect log entries.
    • Various: Various small bug fixes, this is worth upgrading.

    πŸ”— Firewall & Integration Enhancements

    • Native orchestration for Fortinet and Palo Alto Networks (including Panorama)

    • Unified workflow to configure Passive, Passive+, and Active modes

    • Simplified integration with Linux Netfilter/IPTables/IPSets (existing IPSets now visible in your Server, per Agent)

    • HAProxy agent capabilities are now passed to the server, including socket locations

    πŸ” Credential Security

    • Credentials for backend orchestrated systems (firewalls, clouds, custom scripts) are now encrypted using an approach akin to zero-knowledge, ensuring a breach of either the Server or Agent do not result in credential exposure.

    • Custom scripts support environment variables, with the username and other values passed by default (see here)

    • Protected (secret) environment variables now supported for safely passing API tokens and credentials

    πŸ” SAML & Access Control Improvements

    • Simpler SAML integration and setup for administrators

    • User/group mapping now supports:

      • SAML groups

      • Local groups

      • Dynamic groups (combining local users with SAML groups)

    • Enhanced access-grant event de-duplication - boosting performance and reducing noise

    • In-server SAML key management - no external handling required

    βš™οΈ Platform and Minor Enhancements

    • User license usage now allows for overages, preventing disruption during growth phases
    • Increased logging visibility: access grants, admin actions, user activity

    • Better redaction in trace-level log mode to protect sensitive details

    • More ports added to discovery methods, for better CGNAT detection
    • Case-insensitive handling of sessionDuration SAML variable

    πŸ”„ Architecture Simplification

    • Backends and ACLs replaced with Knocs β€” simplifying management

    πŸ“¦ Security updates (packages)

    • Various package updates, including Golang security updates

    Knocknoc 7.5 is built for the environments where access can’t just be controlled β€” it needs to be earned, verified, and continuously protected. Whether you're managing critical infrastructure, complex networks, or hybrid environments, this release is designed to meet you there.

    It's important you update your Agents if you want to make use of the new functionality!

    Screenshot 2025-04-10 at 18.06.00.png

    Screenshot 2025-04-10 at 18.04.04.png

    Release Date: 10th20th AprilMay 2025

Back to top